Category: Bleeping Computer

Ransomware IAB abuses EDR for stealthy malware execution
05
Feb
2026

Hackers compromise NGINX servers to redirect user traffic

A threat actor is compromising NGINX servers in a campaign that hijacks user traffic and reroutes it through the attacker’s…

Share: X : Hackers compromise NGINX servers to redirect user trafficFacebook : Hackers compromise NGINX servers to redirect user trafficLinkedin : Hackers compromise NGINX servers to redirect user trafficReddit : Hackers compromise NGINX servers to redirect user trafficTelegram : Hackers compromise NGINX servers to redirect user trafficWhatsApp : Hackers compromise NGINX servers to redirect user trafficEmail : Hackers compromise NGINX servers to redirect user traffic
n8n
05
Feb
2026

Critical n8n flaws disclosed along with public exploits

Multiple critical vulnerabilities in the popular n8n open-source workflow automation platform allow escaping the confines of the environment and taking…

Share: X : Critical n8n flaws disclosed along with public exploitsFacebook : Critical n8n flaws disclosed along with public exploitsLinkedin : Critical n8n flaws disclosed along with public exploitsReddit : Critical n8n flaws disclosed along with public exploitsTelegram : Critical n8n flaws disclosed along with public exploitsWhatsApp : Critical n8n flaws disclosed along with public exploitsEmail : Critical n8n flaws disclosed along with public exploits
VMware
04
Feb
2026

VMware ESXi flaw now exploited in ransomware attacks

CISA confirmed on Wednesday that ransomware gangs have begun exploiting a high-severity VMware ESXi sandbox escape vulnerability that was previously…

Share: X : VMware ESXi flaw now exploited in ransomware attacksFacebook : VMware ESXi flaw now exploited in ransomware attacksLinkedin : VMware ESXi flaw now exploited in ransomware attacksReddit : VMware ESXi flaw now exploited in ransomware attacksTelegram : VMware ESXi flaw now exploited in ransomware attacksWhatsApp : VMware ESXi flaw now exploited in ransomware attacksEmail : VMware ESXi flaw now exploited in ransomware attacks
Cyber Sword
04
Feb
2026

The Double-Edged Sword of Non-Human Identities

In a sweeping analysis conducted in late 2025, Flare researchers uncovered more than 10,000 Docker Hub container images leaking secrets…

Share: X : The Double-Edged Sword of Non-Human IdentitiesFacebook : The Double-Edged Sword of Non-Human IdentitiesLinkedin : The Double-Edged Sword of Non-Human IdentitiesReddit : The Double-Edged Sword of Non-Human IdentitiesTelegram : The Double-Edged Sword of Non-Human IdentitiesWhatsApp : The Double-Edged Sword of Non-Human IdentitiesEmail : The Double-Edged Sword of Non-Human Identities
GitLab
04
Feb
2026

CISA warns of five-year-old GitLab flaw exploited in attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered government agencies to patch their systems against a five-year-old GitLab vulnerability…

Share: X : CISA warns of five-year-old GitLab flaw exploited in attacksFacebook : CISA warns of five-year-old GitLab flaw exploited in attacksLinkedin : CISA warns of five-year-old GitLab flaw exploited in attacksReddit : CISA warns of five-year-old GitLab flaw exploited in attacksTelegram : CISA warns of five-year-old GitLab flaw exploited in attacksWhatsApp : CISA warns of five-year-old GitLab flaw exploited in attacksEmail : CISA warns of five-year-old GitLab flaw exploited in attacks
New Amaranth Dragon cyberespionage group exploits WinRAR flaw
04
Feb
2026

New Amaranth Dragon cyberespionage group exploits WinRAR flaw

A new threat actor called Amaranth Dragon, linked to APT41 state-sponsored Chinese operations, exploited the CVE-2025-8088 vulnerability in WinRAR in espionage attacks…

Share: X : New Amaranth Dragon cyberespionage group exploits WinRAR flawFacebook : New Amaranth Dragon cyberespionage group exploits WinRAR flawLinkedin : New Amaranth Dragon cyberespionage group exploits WinRAR flawReddit : New Amaranth Dragon cyberespionage group exploits WinRAR flawTelegram : New Amaranth Dragon cyberespionage group exploits WinRAR flawWhatsApp : New Amaranth Dragon cyberespionage group exploits WinRAR flawEmail : New Amaranth Dragon cyberespionage group exploits WinRAR flaw
Hacker
04
Feb
2026

EDR killer tool uses signed kernel driver from forensic software

Hackers are abusing a legitimate but long-revoked EnCase kernel driver in an EDR killer that can detect 59 security tools in…

Share: X : EDR killer tool uses signed kernel driver from forensic softwareFacebook : EDR killer tool uses signed kernel driver from forensic softwareLinkedin : EDR killer tool uses signed kernel driver from forensic softwareReddit : EDR killer tool uses signed kernel driver from forensic softwareTelegram : EDR killer tool uses signed kernel driver from forensic softwareWhatsApp : EDR killer tool uses signed kernel driver from forensic softwareEmail : EDR killer tool uses signed kernel driver from forensic software
Windows utility
04
Feb
2026

Microsoft rolls out native Sysmon monitoring in Windows 11

Microsoft has started rolling out built-in Sysmon functionality to some Windows 11 systems enrolled in the Windows Insider program. Microsoft…

Share: X : Microsoft rolls out native Sysmon monitoring in Windows 11Facebook : Microsoft rolls out native Sysmon monitoring in Windows 11Linkedin : Microsoft rolls out native Sysmon monitoring in Windows 11Reddit : Microsoft rolls out native Sysmon monitoring in Windows 11Telegram : Microsoft rolls out native Sysmon monitoring in Windows 11WhatsApp : Microsoft rolls out native Sysmon monitoring in Windows 11Email : Microsoft rolls out native Sysmon monitoring in Windows 11
Incognito Market
04
Feb
2026

Owner of Incognito dark web drugs market gets 30 years in prison

A Taiwanese man was sentenced to 30 years in prison for operating Incognito Market, one of the world’s largest online…

Share: X : Owner of Incognito dark web drugs market gets 30 years in prisonFacebook : Owner of Incognito dark web drugs market gets 30 years in prisonLinkedin : Owner of Incognito dark web drugs market gets 30 years in prisonReddit : Owner of Incognito dark web drugs market gets 30 years in prisonTelegram : Owner of Incognito dark web drugs market gets 30 years in prisonWhatsApp : Owner of Incognito dark web drugs market gets 30 years in prisonEmail : Owner of Incognito dark web drugs market gets 30 years in prison
Coinbase
04
Feb
2026

Coinbase confirms insider breach linked to leaked support tool screenshots

Coinbase has confirmed an insider breach after a contractor improperly accessed the data of approximately thirty customers, which BleepingComputer has…

Share: X : Coinbase confirms insider breach linked to leaked support tool screenshotsFacebook : Coinbase confirms insider breach linked to leaked support tool screenshotsLinkedin : Coinbase confirms insider breach linked to leaked support tool screenshotsReddit : Coinbase confirms insider breach linked to leaked support tool screenshotsTelegram : Coinbase confirms insider breach linked to leaked support tool screenshotsWhatsApp : Coinbase confirms insider breach linked to leaked support tool screenshotsEmail : Coinbase confirms insider breach linked to leaked support tool screenshots
Step Finance says compromised execs
04
Feb
2026

Step Finance says compromised execs’ devices led to $40M crypto theft

Step Finance announced that it lost $40 million worth of digital assets after hackers compromised devices belonging to the company’s…

Share: X : Step Finance says compromised execs’ devices led to $40M crypto theftFacebook : Step Finance says compromised execs’ devices led to $40M crypto theftLinkedin : Step Finance says compromised execs’ devices led to $40M crypto theftReddit : Step Finance says compromised execs’ devices led to $40M crypto theftTelegram : Step Finance says compromised execs’ devices led to $40M crypto theftWhatsApp : Step Finance says compromised execs’ devices led to $40M crypto theftEmail : Step Finance says compromised execs’ devices led to $40M crypto theft
Wave of Citrix NetScaler scans use thousands of residential proxies
03
Feb
2026

Wave of Citrix NetScaler scans use thousands of residential proxies

A coordinated reconnaissance campaign targeting Citrix NetScaler infrastructure over the past week used tens of thousands of residential proxies to…

Share: X : Wave of Citrix NetScaler scans use thousands of residential proxiesFacebook : Wave of Citrix NetScaler scans use thousands of residential proxiesLinkedin : Wave of Citrix NetScaler scans use thousands of residential proxiesReddit : Wave of Citrix NetScaler scans use thousands of residential proxiesTelegram : Wave of Citrix NetScaler scans use thousands of residential proxiesWhatsApp : Wave of Citrix NetScaler scans use thousands of residential proxiesEmail : Wave of Citrix NetScaler scans use thousands of residential proxies